Jeez[.]PMSPotralService[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Jeez.PMSPotralService.dll
Size

3.1MB
MD5

995fba32a0d94ee4d67ca3ce70a51c25
SHA1

069de5431122688adb9a709f45ac457e3a5bc678
SHA256

218fec472002821fe5ca5c3ce2767b942afafaaeeba3a71fea8ff657290e1d17
SHA512

1881266263634b565b3f9c1e65d9df0b2de659e5c3f6a0d0b6e4fdffe6b5c145596820b4162c8e257be8363345c710fbd6fce23ca541edd0e05a7199cfb9cd64
SSDEEP

24576:mRcMY/ABcH0DC4njV71ixs8nghxHrPkuKs4E+MtTTodrpAM15B5X/w8:mqMY/AiCCu71iehxHrPkuKs4E+n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Jeez.PMSPotralService.dll

Files

Jeez.PMSPotralService.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ